package controller

import (
	"crypto/md5"
	"fmt"
	"html/template"
	"io"
	"net/http"
	"strconv"
	"time"
	"w3c/mysession"
)

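// Login serves the login page on GET and handles the submitted login form on
// every other method.
//
// GET: derives a form token, renders view/login.gtpl with the token as the
// template data, then prints the session's "username" value to stdout when it
// is non-nil.
//
// Other methods: parses the request form, stores a fixed username in the
// session and writes an HTML-escaped sample string to the response.
func (p Routes) Login(w http.ResponseWriter, r *http.Request) {

	if r.Method == http.MethodGet {
		// NOTE(review): the token is the MD5 of the current Unix second, so it
		// is predictable by anyone who knows roughly when the page was served.
		// It is also neither stored in the session here nor compared against
		// the submitted form below, so it does not currently protect the form
		// against forged or replayed submissions. A token meant for that
		// purpose should come from a CSPRNG, be bound to the session, and be
		// verified on submit.
		crutime := time.Now().Unix()
		h := md5.New()
		// Writes to a hash never fail, so the returned error is not checked.
		io.WriteString(h, strconv.FormatInt(crutime, 10))
		token := fmt.Sprintf("%x", h.Sum(nil))

		t, err := template.ParseFiles("view/login.gtpl")
		if err != nil {
			// The error used to be discarded, which left t nil and made the
			// Execute call below dereference a nil template. Report a generic
			// 500 instead and keep the detail out of the response body.
			fmt.Println("login: parse template:", err)
			http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
			return
		}
		if err := t.Execute(w, token); err != nil {
			// Part of the page may already be on the wire, so the status code
			// can no longer be changed; record the failure only.
			fmt.Println("login: render template:", err)
		}
		loginedname := mysession.Sessionget("username")
		if loginedname != nil {
			fmt.Println(loginedname)
		}

	} else {
		// The request carries login data, so run the login logic.
		// NOTE(review): this branch is reached for every non-GET method, not
		// only POST.
		if err := r.ParseForm(); err != nil {
			// A malformed form is a client error; stop before touching the session.
			http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)
			return
		}
		// NOTE(review): no submitted field is read or verified before the
		// session is marked with a fixed username, so any request reaching
		// this branch is treated as authenticated. Credential verification
		// (and the form-token check) belongs here, before Sessionset.
		mysession.Sessionset("username", "conqweal")

		// HTMLEscape writes the markup in escaped form, so the client receives
		// it as text rather than as an executable script element.
		template.HTMLEscape(w, []byte("<script>alert(1)</script>"))

	}

}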
